Alert: Protect Your Church from WannaCry Malware
Did you protect your church from WannaCry malware? We’ve been getting a lot of calls from our churches about it over the last few days. If you haven’t heard, a computer malware named Wcry, commonly known as “WannaCry” or “WannaCrypt” has struck – and the damage is worldwide. This attack began late last week on March 12 and is still causing problems.
There’ve been quite a few reports on the attack exploit and how it was stolen from the NSA, as well as how the hackers warped it for their own malicious use.
Since this attack is not over, we urge you to:
- Work with your IT team to evaluate all computer systems for exposure and immediately update your systems. If you do not have an IT team, please work with someone at your ministry who is familiar with technology to check and update your computer systems.
- Advise staff to implement extreme caution with all email. Do not open suspicious emails or attachments. Delete them immediately and call the sender to verify they sent the attachment and then ask them to resend you the files.
- Discuss this malware with your staff immediately and discuss how to prevent exposure.
How to protect your church from WannaCry malware
If you are running a vulnerable version of Microsoft Windows, immediately install the security update released by Microsoft on Friday. Learn about what versions are affected and download the security updates from Microsoft, here (find them at the bottom of the article). You should also deploy all Windows security patches from Windows Update to protect your church from WannaCry malware.
What to do if you have been a victim
This particular malware is a ransomware attack. If your system is compromised, you’ll get a message on your computer demanding $300.00 to restore access to your computer system and its files.
There is debate on whether or not to pay the ransom. Many security experts are suggesting victims not pay, but you’ll need to do what’s right for you and your ministry.
Keep in mind that if you do decide to pay, there is no guarantee that your system will be restored and that it has not been further compromised.
If your system is compromised, and you are following data security best practices and have a data or system backup, you may need to roll back to a previous backup or restore your lost data from an archive disk.
Microsoft is calling this attack a “wake-up call”
When you gather internally to discuss this threat, you’ll want to cover what precautions staff should take to avoid exposure and have a plan in place should your ministry or personal computers with ministry data on them be attacked.
We’re urging all of our ministries to protect your church from WannaCry malware by running the latest computer system security updates, including the emergency security update above, for your Microsoft Windows-based computers.
We also strongly urge you to prepare for an eventual breach of your systems. It’s not a matter of “if,” it’s a matter of when.
Remember, in the event of a data breach we’re here for you.
P.S. Just as a reminder, we have some great cyberliability resources in place for you:
- Blog: Why Do Churches Get Hacked?
- Blog: 5 Church Cyber-Security Risks & Solutions
- Cyber Security Checklist
- Guidelines for Computerized Financial Records
Were you able to protect your church from WannaCry malware? Did your systems get hit with WannaCry malware? Did you pay the ransom? Tell us your story in the comments, below. You can also talk to us on Twitter or Facebook.